[Snort-users] Detecting worms
This is a discussion on [Snort-users] Detecting worms within the Snort forums, part of the System Security and Security Related category; ....to block all known worms...? Do you use available rules for it or would you share your rules? Thanks in ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-18-2004
|
|||
|
|||
[Snort-users] Detecting worms
....to block all known worms...?
Do you use available rules for it or would you share your rules? Thanks in advance, Steffen -----Urspr=FCngliche Nachricht----- Von: snort-users-admin@lists.sourceforge.net [mailto:snort-users-admin@lists.sourceforge.net] Im Auftrag von Alex Butcher, ISC/ISYS Gesendet: Dienstag, 17. August 2004 09:42 An: Rogier Gerritse; snort-users@lists.sourceforge.net Betreff: Re: [Snort-users] Snort 1.9.1/Spade/Snortcenter --On 10 August 2004 16:56 +0200 Rogier Gerritse <Rogier@prevent-it.nl> wrote: > First post on this list so: "Hi all" > > I'm running Snort on RH7.3 I've used the document by Steven J. Scott=20 > and the systems been running stable for a while now. I was using = Snort=20 > 2.1.3 and used the react:block response to block all known worm and=20 > virus traffic which worked fine. > > Now I'm running Snort 1.9.1 and Spade 030125.1. When I add the Spade=20 > detector rules the following happens in SnortCenter 0.9.6: SPADE isn't supported by Snortcenter. My advice is to give up on = Snortcenter now, or start hacking on Snortcenter2 <http://sourceforge.net/projects/snortcenter2/>. Best Regards, Alex. -- Alex Butcher: Security & Integrity, Personal Computer Systems Group Information Systems and Computing GPG Key ID: F9B27DC9 GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9 ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...=3Dsnort-users ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
